Tech Support Scam Spoofs Microsoft Support

Redirected via malvertising, a new tech support scam makes users believe that they have been redirected to a legit Microsoft support website.

The fake website uses a script from the Techbrolo malware family to pull off the scam. Once the website opens, users are faced with an audio message and a popup that says the users system has been locked due to a virus infection. Users are prompted to call a "tech support" number for help.

If the users clicks "OK", another web element opens. Again, clicking "OK" puts the victim into full-screen mode with another web element that appears to redirect the user to a Chrome browser's version of the Microsoft support page. However, the victim is still on the scam site. To help fool the victim, the address bar reads: "support.microsoft.com/ru-ru/en".

If the potential victim exits full-screen mode, it reveals the malicious URL. "As this newly discovered support scam website shows, scammers are always on the lookout for opportunities to improve their tools," the Microsoft blog post reads. "They can get really creative, motivated by the possibility of avoiding security solutions and ultimately increasing the chances of you falling for their trap."